1

I found information on Stack Overflow about this issue, though the number of clients was 12, there. Read Here. However, despite the fact that I don't suspect duplicate SUSClientIDs, I ran the suggested script on a Windows 10 machine and it only failed on all commands.

Since the script dates back to 2009-05-05, I believe, (I found it elsewhere on the Web, as well), I have to question whether this will still work for Windows 10. The reason being that I don't see half of the registry entries, used in the script, in any Windows 10 machine I checked, to be modified, or deleted, as it were. (This lack of entries was also true on a Windows 7 machine that checks in.)

Moreover, I'm finding that the SUSClientIDs are different, from machine to machine, and of the three primary machines I'm using, only the Windows 7 machine shows up in the WSUS console. I thought it might be a view setting, such as 100 per page, but this doesn't seem to be the case. The count reported states only 52 needing updates and only 48 not needing updates.

It would be greatly appreciated if anyone would have something to offer to help solve this puzzle, so we can move on...

Thanks

Edit: We tried disabling IPv6 as was suggested on Server Fault, Read Here. But this didn't yield anything on that test machine. In the meantime, one more Windows 10 machine showed up in the All Computers list. So, we're noticing that there is a mix of OSes (10/7), which would indicate that it's probably not a client OS version issue. I'm at a loss to come up with more things to check. We have Group Policy pointing to the right server...

cmc.tech
  • 11
  • 3

1 Answers1

1

To clarify, some Win10's do appear in WSUS console, while others do not?

  1. Do the problem systems have the following registry entries? Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate Values: WUServer, WUStatusServer. If these keys are missing, you may have GPO issues that are preventing the WSUS settings from being applied.
  2. Does the DNS name of the WSUS server resolve from these bad clients?
  3. Can you connect to port 8530 of the WSUS server? Powershell CLI (New-Object System.Net.Sockets.TcpClient "replace.your.wsus", 8530).connected should return "True"
  4. If you're running build 1709 or later, you can run Get-WindowsUpdateLog to generate the client side log. Review the log for errors about connecting to the WSUS server. Unfortunately producing that log in versions prior to 1709 is something I've never been able to accomplish.

There are other laundry lists of things to check for WSUS client issues:

Clayton
  • 4,483
  • 16
  • 24
  • Thanks, Clayton. I'm not ignoring you, just busy. So far my gut feeling is that it's boiling down to a Group Policy issue, because one OU is reporting a large number, comparatively, of machines which are all "needing updates". The other OUs are reporting few machines, but all with "no status". Otherwise, the status differences may point to the problem. – cmc.tech May 17 '18 at 19:40
  • Now, the only machines reporting "no status" are all Windows 7 systems. The ones reporting "needing updates" are a mix of Windows 7 and 10. The GPO appears to be making it down to the systems. – cmc.tech Jun 11 '18 at 15:02